gssd: Fix double free when exporting lucid context When using GSSAPI's gss_krb5_export_lucid_context the context passed into the function is actually deleted during the export (to avoid reuse as the context contains state that depends on its usage). Change the code to pass in a pointer to the context so that it can be properly NULLed if we are using the GSSAPI context and following calls to gss_delete_sec_context will not cause double free errors and segfaults. Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Kill SPKM3: remove spkm3 from common gssd code Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Add support for non-DES encryption types. Sends a new format of context information to the kernel. (Requires kernel support to do anything useful.) Signed-off-by: Steve Dickson <steved@redhat.com>
gssd/svcgssd: add support to retrieve actual context expiration Add some plumbing so that the context expiration can be returned while serializing the information. Later patch(es) will actually get the expiration and pass it down to the kernel. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com>
Share handling of lucid_sec_context for Heimdal and MIT Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> The 0.8 release of Heimdal has (will have) support for the lucid context. The handling of lucid_sec_context can be shared between builds with MIT or Heimdal Kerberos. Split out the lucid_sec_context code from context_mit.c and make a new common file, context_lucid.c. Signed-off-by: Neil Brown <neilb@suse.de>
Update krb5 code to use glue routine lucid context functions The gssd code should not know about the glue layer's context structure. A previous patch added gss_export_lucid_sec_context() and gss_free_lucid_sec_context() functions to the gssapi glue layer. Use these functions rather than calling directly to the Kerberos gssapi code (which requires the Kerberos context handle rather than the glue's context handle). (really this time)
Separate out context handling code for MIT Kerberos and SPKM3 into their own file. (Really this time)
Add gss support from citi @ umich